Social Icons

Pages

Saturday, January 31, 2015

The Case Against DRM Needs to Be Made Now

DRM, or digital rights management, is a digital lock placed on media content and devices. Supporters
say DRM protects businesses and artists from piracy and theft. Sounds
good, right? Opponents say it kills innovation, doesn't stop piracy, and
helps malware distributors. This month, a group led by the Electronic
Frontier Foundation has assembled to come up with ways to fight DRM.

The
World Wide Web Consortium, which just admitted the MPAA, has been
pushing for every internet browser with HTML5 to ship with DRM since
2013. With Google, Netflix, and Microsoft on their side, it looks like DRM could very well become a requirement for browsers. But the opposition is about to take a stand. The Apollo 1201
project, led by the EFF with special consultant Cory Doctorow, is
working with researchers and academics to try to repeal laws supporting
DRM, including section 1201 of the Digital Millennium Copyright Act.

Why DRM Sucks: Part One

When you buy an e-book, Keurig coffee-making machine,
iTunes media, or any wide host of gadgets and files, their sellers add
DRM technology to control the ways you can use what you bought. So if
you buy a Keurig, for example, the DRM prevents you from using
non-Keurig coffee pods. If you buy a movie from iTunes, that means you
can't put it on a DVD. These controls let companies put limits on the
products they sell, and means people who buy them are circumscribed with
what they can do with what they've purchased. It's like buying a tub of
ice cream with a special lid that locks if you try to share with a
friend or blend it into a milkshake.

And while it ostensibly protects creators, it also puts them at the whims of companies like Amazon and Apple. "Every time you buy a DRMed Kindle book, you can't move it to a Nook or Kobo or any device that comes in the future. So that means that if I don't like the way I'm getting treated by Amazon and want to sell my books elsewhere, I have to cross my fingers and hope you're willing to buy all my books again to read them on the new platform, or be willing to maintain two separate ecosystems to continue to access my stuff," Doctorow told me via email.

Why DRM Sucks: Part 2 (Horrorshow Edition)

So
that's all shitty, but Doctorow believes there's another valid argument
against DRM that everybody should be able to get behind. Far from
safeguarding people, these controls could be the impetus for some
serious security problems. "The real horrorshow is that DRM requires that your computer be designed to hide its operations from you, and the DMCA makes it a felony to tell you about vulnerabilities in the DRM that can be exploited by creeps
and thugs and crooks and spies," Doctorow said. This means that it'd be
illegal, for instance, to report a discovery of spyware ingrained in a
program, whether it's put there by the NSA or some Russian malware ring.

"I think that most people miss that DRM can't be sustained without laws mandating silence about DRM's flaws," he said. These
laws make it illegal to point out security problems, so white-hat
hackers who violate DRM to discover vulnerabilities could go to jail for
reporting serious issues. "No one really thinks about this- that they're filling their lives with voice- and gesture-controlled devices (implying that they're never out of range of a mic and a camera), and the government is willing to imprison people who point out potentially lethal flaws in them."

Doctorow
hates DRM for basically all the reasons anyone could hate it, but he's
adamant that it could end up dicking everyone over by hugely
de-incentivizing people to report security flaws or malware. That's a
compelling reason for anyone to support reform, if not an outright
repeal of laws that push DRM.

This
push against DRM is happening at a pivotal time, since the push for the
technology has already developed momentum. In 2014, Mozilla was coerced into putting DRM in its browser,
because Netflix and other video providers are preparing to implement a
system where their content would require DRM. It was either keep
fighting or lose the ability to show people Netflix, which would've
tanked Firefox.

It's a
long-shot that Apollo 1201 will succeed. But DRM is a threat to online
security (not to mention creativity) that is worth fighting against
despite the odds.